Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/C5172A0C0B7E11EE87CBB764C4F9AE02.roa
File: C5172A0C0B7E11EE87CBB764C4F9AE02.roa (raw, json)
Hash identifier: tFBvA+ocgq/FCCqE9ogBkscm8v6fskq2l6ryWrEY9lk=
Subject key identifier: FF:8E:CA:44:8D:69:E6:F5:98:A2:6F:FD:0E:BC:FC:05:96:49:FF:B8
Certificate issuer: /CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4
Certificate serial: 03
Authority key identifier: B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/C5172A0C0B7E11EE87CBB764C4F9AE02.roa
Signing time: Thu 15 Jun 2023 13:16:00 +0000
ROA not before: Thu 15 Jun 2023 13:16:00 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 202662
IP address blocks: 2401:b60::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE03B
Validity
Not Before: Jun 15 13:16:00 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=648b0f0f-2c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:78:cf:bb:55:87:20:e2:38:e1:ea:25:2a:d4:
63:f7:5b:ed:7c:51:80:fe:a3:06:88:05:ff:b7:9a:
99:21:d0:f1:b4:be:ee:56:03:20:0c:ae:91:07:2d:
68:30:f6:98:e8:9d:cf:59:8c:d8:06:78:0f:4b:90:
24:92:ea:17:a1:df:57:ee:bf:06:4e:5d:a1:d3:1d:
13:61:ee:6e:4f:a3:a3:eb:8f:0b:95:01:69:4b:ab:
b6:1c:79:71:83:be:49:9b:66:e8:11:c4:67:51:1d:
91:41:eb:34:62:2b:56:3f:67:25:8e:59:78:d2:a5:
98:62:f8:4c:6d:c6:9a:76:d4:53:29:c0:20:5e:2e:
9f:89:23:91:50:65:04:3e:97:c5:be:c1:54:9a:87:
77:8a:de:e8:cc:cf:e5:63:e8:c5:bb:06:29:7d:2e:
c6:b9:2e:53:e8:bb:9a:d4:ab:f1:91:2c:fa:c1:ec:
84:b5:fc:0b:1d:4d:f8:27:2a:58:e6:fd:94:38:74:
e7:68:cd:10:17:a0:0c:b7:61:a1:9b:24:da:43:2a:
f9:9a:d0:ac:bf:81:bb:5a:0f:7c:63:5c:48:09:61:
60:08:57:79:ca:b7:8e:c1:20:de:c0:5e:60:3b:db:
2b:ba:d0:8a:cb:01:53:d0:30:ba:e4:c9:bc:55:93:
03:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:8E:CA:44:8D:69:E6:F5:98:A2:6F:FD:0E:BC:FC:05:96:49:FF:B8
X509v3 Authority Key Identifier:
keyid:B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/C5172A0C0B7E11EE87CBB764C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:b60::/32
Signature Algorithm: sha256WithRSAEncryption
a3:1e:30:0d:ca:c0:a9:38:0e:9f:d8:c5:14:69:06:63:5e:50:
97:ff:46:2e:35:ec:ab:53:e0:1f:02:fa:65:f5:3b:f9:c0:17:
c7:23:7c:b0:91:87:53:6b:eb:91:8c:fa:83:82:d1:d2:2e:7b:
bd:d2:b8:55:20:a5:26:e4:18:20:e4:90:d9:c8:b8:d4:db:00:
98:ec:fb:63:14:3c:c1:8b:9e:46:03:7f:f8:65:70:44:db:94:
d0:be:96:5f:77:1e:5a:49:8a:95:90:23:5d:1a:11:aa:bc:53:
b0:5d:94:9d:91:a0:df:b4:24:01:cd:80:95:18:f5:0d:0e:c6:
49:24:2d:d0:ed:9b:5e:de:25:79:f5:fa:ab:f4:65:2b:20:5a:
55:18:d6:1c:ec:74:16:74:22:8f:88:c7:4e:12:22:ab:6e:e1:
75:db:f9:94:90:db:17:20:83:63:4f:fc:26:0f:59:6d:fc:ce:
9c:69:77:ca:6c:fe:17:fd:dd:f5:a5:44:02:04:ce:b4:1f:af:
35:ef:ac:27:26:eb:7b:04:b5:16:f1:82:93:ff:8e:aa:b2:f4:
d9:bd:54:49:06:9a:dd:fb:a0:69:b7:e8:44:4e:0f:b8:8e:bd:
f3:f5:ac:bd:04:6e:45:1b:50:86:74:f4:9a:c5:f0:1d:57:65:
ba:28:0e:05
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RTAzQjExMC8GA1UEBRMoQjlFNjBDRjE3OUY0RUFDQkRCOTQ5MkJBNUY3Q0FDRjQ1
MjM5Q0NGNDAeFw0yMzA2MTUxMzE2MDBaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OGIwZjBmLTJjMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMeM+7VYcg4jjh6iUq1GP3W+18UYD+owaIBf+3mpkh0PG0vu5WAyAMrpEHLWgw
9pjonc9ZjNgGeA9LkCSS6heh31fuvwZOXaHTHRNh7m5Po6PrjwuVAWlLq7YceXGD
vkmbZugRxGdRHZFB6zRiK1Y/ZyWOWXjSpZhi+Extxpp21FMpwCBeLp+JI5FQZQQ+
l8W+wVSah3eK3ujMz+Vj6MW7Bil9Lsa5LlPou5rUq/GRLPrB7IS1/AsdTfgnKljm
/ZQ4dOdozRAXoAy3YaGbJNpDKvma0Ky/gbtaD3xjXEgJYWAIV3nKt47BIN7AXmA7
2yu60IrLAVPQMLrkybxVkwMVAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQU/47KRI1p
5vWYom/9Drz8BZZJ/7gwHwYDVR0jBBgwFoAUueYM8Xn06svblJK6X3ys9FI5zPQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFMDNCL0FGOTY3MTY2MEI2
RTExRUVCMjlCQjE3MEM0RjlBRTAyL3VlWU04WG4wNnN2YmxKSzZYM3lzOUZJNXpQ
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdWVZTThYbjA2c3ZibEpLNlgzeXM5Rkk1elBRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RTAzQi9BRjk2NzE2NjBCNkUxMUVFQjI5QkIxNzBDNEY5QUUwMi9DNTE3MkEwQzBC
N0UxMUVFODdDQkI3NjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBC2AwDQYJKoZIhvcNAQELBQADggEBAKMeMA3KwKk4Dp/Y
xRRpBmNeUJf/Ri417KtT4B8C+mX1O/nAF8cjfLCRh1Nr65GM+oOC0dIue73SuFUg
pSbkGCDkkNnIuNTbAJjs+2MUPMGLnkYDf/hlcETblNC+ll93HlpJipWQI10aEaq8
U7BdlJ2RoN+0JAHNgJUY9Q0OxkkkLdDtm17eJXn1+qv0ZSsgWlUY1hzsdBZ0Io+I
x04SIqtu4XXb+ZSQ2xcgg2NP/CYPWW38zpxpd8ps/hf93fWlRAIEzrQfrzXvrCcm
63sEtRbxgpP/jqqy9Nm9VEkGmt37oGm36EROD7iOvfP1rL0EbkUbUIZ09JrF8B1X
ZbooDgU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:04 2025 by rpki-client